com.atlassian.asap.it

Class BaseIntegrationTest

java.lang.Object

com.atlassian.asap.it.BaseIntegrationTest

public abstract class BaseIntegrationTest
extends Object

Performs integration testing by making HTTP requests. Subclasses of this implement the server start/stop and inherit the tests.

Field Summary

Fields

Modifier and Type	Field and Description
protected static String	AUDIENCE
protected static String	ISSUER1
protected static String	ISSUER1_EC_KEY_ID
protected static String	ISSUER1_ONLY_PRIV_KEY_RSA_KEY_ID
protected static String	ISSUER1_RSA_KEY_ID
protected static String	ISSUER2
protected static String	ISSUER2_RSA_KEY_ID
protected static KeyProvider<PublicKey>	PUBLIC_KEY_PROVIDER
protected static String	RESOURCE
protected static String	UNAUTHORIZED_SUBJECT

Constructor Summary

Constructors

Constructor and Description
BaseIntegrationTest()

Method Summary

Modifier and Type	Method and Description
protected abstract URI	getUrlForResourceName(String resourceName)
void	shouldAcceptRequestWithValidES256Token() Verifies that the server accepts requests with a valid token using ES256.
void	shouldAcceptRequestWithValidPS256Token() Verifies that the server accepts requests with a valid token using PS256.
void	shouldAcceptRequestWithValidRS256Token() Verifies that the server accepts requests with a valid token using RS256.
void	shouldRejectRequestIfPublicKeyCannotBeFound() Verifies that the server rejects requests if the public key cannot be found.
void	shouldRejectRequestWithBasicAuth() Verifies that the server rejects requests that do not have a bearer token.
void	shouldRejectRequestWithMalformedToken() Verifies that the server rejects requests which have an uparseable token.
void	shouldRejectRequestWithoutAuthenticationHeader() Verifies that the server rejects requests that lack the authentication header.
void	shouldRejectRequestWithUnauthorizedIssuer() Verifies that the server rejects requests if the issuer is not authorized.
void	shouldRejectRequestWithUnauthorizedSubject() Verifies that the server rejects requests if the subject is not authorized.
void	shutdownHttpClient()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

AUDIENCE

protected static final String AUDIENCE

See Also:

Constant Field Values

ISSUER1

protected static final String ISSUER1

See Also:

Constant Field Values

ISSUER2

protected static final String ISSUER2

See Also:

Constant Field Values

ISSUER1_RSA_KEY_ID

protected static final String ISSUER1_RSA_KEY_ID

See Also:

Constant Field Values

ISSUER1_EC_KEY_ID

protected static final String ISSUER1_EC_KEY_ID

See Also:

Constant Field Values

ISSUER1_ONLY_PRIV_KEY_RSA_KEY_ID

protected static final String ISSUER1_ONLY_PRIV_KEY_RSA_KEY_ID

See Also:

Constant Field Values

ISSUER2_RSA_KEY_ID

protected static final String ISSUER2_RSA_KEY_ID

See Also:

Constant Field Values

PUBLIC_KEY_PROVIDER

protected static final KeyProvider<PublicKey> PUBLIC_KEY_PROVIDER

RESOURCE

protected static final String RESOURCE

See Also:

Constant Field Values

UNAUTHORIZED_SUBJECT

protected static final String UNAUTHORIZED_SUBJECT

See Also:

Constant Field Values

Constructor Detail

BaseIntegrationTest

public BaseIntegrationTest()

Method Detail

getUrlForResourceName

protected abstract URI getUrlForResourceName(String resourceName)

shutdownHttpClient

public void shutdownHttpClient()

shouldRejectRequestWithoutAuthenticationHeader

public void shouldRejectRequestWithoutAuthenticationHeader()
                                                    throws Exception

Verifies that the server rejects requests that lack the authentication header.

Throws:

Exception - if the test fails to execute

shouldRejectRequestWithBasicAuth

public void shouldRejectRequestWithBasicAuth()
                                      throws Exception

Verifies that the server rejects requests that do not have a bearer token.

Throws:

Exception - if the test fails to execute

shouldRejectRequestWithMalformedToken

public void shouldRejectRequestWithMalformedToken()
                                           throws Exception

Verifies that the server rejects requests which have an uparseable token.

Throws:

Exception - if the test fails to execute

shouldAcceptRequestWithValidRS256Token

public void shouldAcceptRequestWithValidRS256Token()
                                            throws Exception

Verifies that the server accepts requests with a valid token using RS256.

Throws:

Exception - if the test fails to execute

shouldAcceptRequestWithValidPS256Token

public void shouldAcceptRequestWithValidPS256Token()
                                            throws Exception

Verifies that the server accepts requests with a valid token using PS256.

Throws:

Exception - if the test fails to execute

shouldAcceptRequestWithValidES256Token

public void shouldAcceptRequestWithValidES256Token()
                                            throws Exception

Verifies that the server accepts requests with a valid token using ES256.

Throws:

Exception - if the test fails to execute

shouldRejectRequestWithUnauthorizedSubject

public void shouldRejectRequestWithUnauthorizedSubject()
                                                throws Exception

Verifies that the server rejects requests if the subject is not authorized.

Throws:

Exception - if the test fails to execute

shouldRejectRequestIfPublicKeyCannotBeFound

public void shouldRejectRequestIfPublicKeyCannotBeFound()
                                                 throws Exception

Verifies that the server rejects requests if the public key cannot be found.

Throws:

Exception - if the test fails to execute

shouldRejectRequestWithUnauthorizedIssuer

public void shouldRejectRequestWithUnauthorizedIssuer()
                                               throws Exception

Verifies that the server rejects requests if the issuer is not authorized.

Throws:

Exception - if the test fails to execute